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The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- tf the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- tf NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 

- Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )□ Responsive to communication(s) filed on 29 April 2004 . 
2a)D This action is FINAL. 2b)H This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) El Claim(s) 7-25 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) S Claim(s) 1-25 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) S The drawing(s) filed on 4/29/2004 is/are: a)E3 accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 
Priority under 35 U.S.C. §§119 and 120 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
aO All b)D Some*c)D None of: 

Certified copies of the priority documents have been received. 
Certified copies of the priority documents have been received in Application No. . 



1.D 
2D 
3D 



Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 

13) D Acknowledgment is made of a claim for domestic priority under 35 U.S.C. § 1 19(e) (to a provisional application) 

since a specific reference was included in the first sentence of the specification or in an Application Data Sheet. 
37 CFR 1.78. 

a) □ The translation of the foreign language provisional application has been received. 

14) D Acknowledgment is made of a claim for domestic priority under 35 U.S.C. §§ 120 and/or 121 since a specific 

reference was included in the first sentence of the specification or in an Application Data Sheet. 37 CFR 1.78. 



Attachment(s) 

1 ) S Notice of References Cited (PTO-892) 

2) O Notice of Drafts person's Patent Drawing Review (PTO-948) 

3) CH Information Disclosure Statement(s) (PTO-1449) Paper No(s) . 



4) ED Interview Summary (PTO-413) Paper No(s). 

5) □ Notice of Informal Patent Application (PTO-1 52) 

6) □ Other: 
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1DETAILED ACTION 



Response to Arguments 

1. In response to communications filed on 4/29/2004, Applicant amends claims 1,8, 13, 20, 
and 25. The following claims 1-25 are presented for examination. 

2. The amendments to the drawings on page 15, filed on 4/29/2004, have been considered. 

2. 1 Applicant's arguments, see pages 16-19, filed on 4/29/2004, with respect to the rejection 
of claims 1, 8, 13, 20, and 25 under 35 USC 103 (a) have been fully considered but are moot in 
view of the new ground(s) of rejection. Applicant argues about combining the teaching of 
Ferguson and Ng is improper because Ferguson recites, "ND values trump Sam values". 
Examiner respectfully states that Ng teaches other beneficial result than found in Ferguson and 
the prior art reference must be considered in its entirety. Applicant amends claims 1,8, 13, 20, 
and 25. Upon further consideration, a new ground of rejection is made in view of Cooper et al 
in combination to the references in the previous Office Action. Cooper teaches a management 
system that permits the undoing the at least one change so that any change is non-degenerative 
and reversible. 

Claim Rejections - 35 USC §103 

3. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 
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(a) A patent may not be obtained though the invention is not identically disclosed or 
described as set forth in section 102 of this title, if the differences between the subject matter 
sought to be patented and the prior art are such that the subject matter as a whole would have 
been obvious at the time the invention was made to a person having ordinary skill in the art to 
which said subject matter pertains. Patentability shall not be negatived by the manner in which 
the invention was made. 

3.1 Claims 1-25 are rejected under 35 U.S.C. 103(a) as being unpatentable over US Patent 
6,061,740 to Ferguson in view of US Patent 6,385,618 to Ng et al. and in view of US Patent 
6,021,331 to Cooper et aL, 

3.2 As per claims 1, 8, 13, 20, and 25, Ferguson substantially teaches a heterogenic 
computer having a first component the domestic system that meets the recitation of a first 
security descriptor; a second component, the foreign objects that meets the recitation of a second 
security descriptor (see column 8, lines 41-67); the step of converting the first security descriptor 
into a version that follows the second security is disclosed in column 9, lines 1-5. Ferguson 
does not explicitly teach step of comparing the converted version with the second security 
descriptor and changing the second security descriptor to reflect at least some of the changes 
represented in the converted version. However, Ng et aL in an analogous art discloses (710) a 
converted version of (3 10 in figure 3) that follows a hash table (720 in figure 7); (404) also 
follows a similar hash table (412). The step of updating (404) to reflect the changes in (310) 
meets the recitation of comparing the converted version with the second security descriptor and 
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changing the second security descriptor to reflect at least one security permission change 
represented in the converted version (see column 7, lines 47-56). Therefore, it would have been 
obvious to one of ordinary skill in the art at the time the invention was made to modify the 
method of Ferguson to change the second security descriptor to reflect at least some of the 
changes in the converted version in order to alleviate programmers from having to recreate their 
customizations to the classes when database changes thus saving significant development time as 
taught by Ng et aL (see column 3, lines 35-41). This modification would have been obvious 
because one skilled in the art would have been motivated by the suggestions provided by Ng et 
al. so as to save significant development time. 

Ferguson does not explicitly teach step of undoing the at least one security permission 
change in the second security descriptor. However, Cooper et aL in an analogous art discloses 
a step for undoing the at least one security permission change in the destination object and also 
making the operation reversible and further discloses an improvement to a previous 
arrangements which relied upon the generation of inverse operations to effect the reversal of a 
change to an object, for example (see column 14, lines 21-67 and column 16, line 15 through 
column 17, line 36). Therefore, it would have been obvious to one of ordinary skill in the art at 
the time the invention was made to modify the method of Ferguson to include a step of undoing 
the at least one security permission change in the second security descriptor as taught by Cooper 
et al to invoke control changes and to provide the facility of reversing of operations within the 
control system (see column 16, lines 25-52). This modification would have been obvious 
because one skilled in the art would have been motivated by the suggestions provided by Cooper 
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et al. so as to invoke control changes and to provide the facility of reversing of operations within 
the control system. 

The new added steps of converting, comparing, and changing are the same as above 
except for replacing the second descriptor with the first descriptor in a reverse process. It 
requires routine skill in the art to implement these steps in reverse knowing the forward process. 

Claim 2 describes the first security descriptor as 4.0 specification. Ferguson et al. 
discloses that any of the computer systems may use any operating systems that meet the 4,0 
specification (column 15 lines 12-18 and column 1 1 lines 2-8). . 

Claim 3 describes the second security descriptor as Active Directory specification. 
Ferguson et al. discloses that any of the computer systems may use any operating systems that 
meet the Active Directory specification. 

Claim 4 describes the first security descriptor as Active Directory specification. 
Ferguson et al. discloses that any of the computer systems may use any operating systems that 
meet the Active Directory specification. 

Claim 5 describes the second security descriptor as 4.0 specification. Ferguson et al. 
discloses that any of the computer systems may use any operating systems that meet the 4.0 
specification. 
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As per claim 6, Ferguson et al. discloses the claimed method of claim 1 comprising an 
act of consulting mapping rules that define mappings of rights of the first security descriptor 
specification to the second security descriptor specification in column 1 1 lines 52-62. 

For each right that there is a corresponding mapping rule, converting the right that 
follows the first security descriptor specification to a corresponding right that follows the second 
security descriptor specification is disclosed in column 1 1 lines 60-65. 

"As values are mapped from SAM to NDS", assembling each corresponding right to 
other user objects (column 1, lines 12-29, see also claim 1 1 of Ferguson et al.) meets the 
recitation of assembling each corresponding right that follows the second specification right to a 
version of the first descriptor that follows the second descriptor specification. 

As per claim 7, Ferguson et al. discloses the claimed method of claim 1 wherein an act of 
comparing the rights in the version of the first security descriptor to the right in the second 
security descriptor in column 9 lines 3-7 and 35-37 and detecting changes in the first that are not 
reflected in the second (column 9 lines 1-20). 

Claim 9 describes the first security descriptor as 4.0 specification, Ferguson et al. 
discloses the operating systems that recognize the above specification in (column 15, lines 12-18 
and column 1 1 lines 2-8). 



Application/Control Number: 09/609, 1 97 Page 7 

Art Unit: 2136 

Claim 10 describes the second security descriptor as Active Directory specification. 
Ferguson et al. discloses the operating systems that recognize the above specification in (column 
15, lines 12-18 and column 11, lines 2-8). 

Claim 1 1 describes the first security descriptor as Active Directory specification. 
Ferguson et al. discloses the operating systems that recognize the above specification in (column 
15, lines 12-18 and column 1 1, lines 2-8). 

Claim 12 describes the second security descriptor as 4.0 specification. Ferguson et al. 
discloses the operating systems that recognize the above specification in (column 15, lines 12-18 
and column 1 1 lines 2-8). 

Claim 14 refers to a computer program product wherein the first security descriptor 
specification is the 4.0 specification. Ferguson et al. discloses the operating systems that 
recognize the above specification in (column 15 lines 12-18 and column 1 1 lines 2-8). 

Claim 1 5 refers to a computer program product wherein the second security descriptor is 
the Active Directory specification. Ferguson et al. discloses the operating systems that recognize 
the above specification in (column 15 lines 12-18 and column 1 1 lines 2-8). 
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Claim 16 refers to a computer program product wherein the first security descriptor is the 
Active Directory specification. Ferguson et al. discloses the operating systems that recognize the 
above specification in (column 15 lines 12-18 and column 1 1 lines 2-8). 

Claim 17 refers to a computer program product wherein the second security descriptor is 
the 4.0 specification. Ferguson et al. discloses the operating systems that recognize the above 
specification in (column 15 lines 12-18 and column 1 1 lines 2-8). 

Claim 18 refers to a computer program capable of performing the method in claim 6, 
which is found in the teaching of Ferguson et al. (see column 3 lines 55-57 and claim 20). 
Ferguson et al. also teaches that event monitor can also be a separate program (column 9 lines 
11-16). 

Claim 19 refers to a program capable of performing the method of claim 7. Ferguson et 
al. discloses a readable medium holding computer instructions that perform the teaching of 
claim 7. Ferguson et al. teaches that the management service can also be embodied in a 
computer readable medium (see column 3 lines 55-5, column 9 lines 55-59, and column 13 lines 
53-56) and (see also claims 1 1-20). 

Claim 21 refers to a computer program product wherein the first security descriptor 
specification is the 4.0 specification. Ferguson et al discloses the operating systems that 
recognize the above specification in (column 15 lines 12-18 and column 1 1 lines 2-8). 
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Claim 22 refers to a computer program product wherein the second security descriptor is 
the Active Directory specification. Ferguson et al. discloses the operating systems that recognize 
the above specification in (column 15 lines 12-18 and column 1 1 lines 2-8). 

Claim 23 refers to a computer program product wherein the first security descriptor is the 
Active Directory specification. Ferguson et al. discloses the operating systems that recognize the 
above specification in (column 15 lines 12-18 and column 1 1 lines 2-8). 

Claim 24 refers to a computer program product wherein the second security descriptor is 
the 4.0 specification. Ferguson et al. discloses the operating systems that recognize the above 
specification in (column 15 lines 12-18 and column 1 1 lines 2-8). 

Conclusion 

4. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. 

a. US Patent US 2002/0107837 Osborne et al. 

This patent pertains to a database system for reversing a change made to a record. 

b. US Patent 5,884,323 Hawkins et al. 

This patent pertains to a method and apparatus for file synchronization in heterogeneous 
network environment. 
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4. 1 . The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure as the art discloses access right and restoring and updating data associated with access 
control list. 



4.2 Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Carl Colin whose telephone number is 703-305-0355. The 
examiner can normally be reached on Monday through Thursday and every other Friday, 8:00- 



If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 703-305-9648. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Any inquiry of a general nature or relating to the status of this application or proceeding 
should be directed to the receptionist whose telephone number is 703-305-3900. 
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